Simple Python library for Phlow authentication
Project description
Phlow
JWT authentication middleware for AI agents with Supabase integration
๐ฏ What is Phlow?
Phlow is authentication middleware for AI agents that's evolving into the Agent Marketplace Platform - enabling agents to discover, authenticate, and monetize their capabilities.
Current: A2A Protocol + Supabase โข JWT Auth โข Middleware Vision: The "App Store for AI Agents"
๐ Our Evolution Path
Phase 1: Authentication Middleware (Current)
โ
Phase 2: Agent Discovery & Registry
โ
Phase 3: Agent Marketplace Platform
We're building the foundational trust layer that will enable agents to securely discover, interact with, and monetize their capabilities - creating the first true marketplace for AI agent services.
โก Quick Start
pip install phlow
Python Example
from phlow import PhlowMiddleware, AgentCard, PhlowConfig
config = PhlowConfig(
agent_card=AgentCard(
name="My Agent",
description="Agent description",
service_url="https://my-agent.com",
skills=["chat", "analysis"],
metadata={"agent_id": "my-agent-id", "public_key": "public-key-here"}
),
private_key=os.environ["PRIVATE_KEY"],
supabase_url=os.environ["SUPABASE_URL"],
supabase_anon_key=os.environ["SUPABASE_ANON_KEY"]
)
phlow = PhlowMiddleware(config)
FastAPI Middleware
# Use A2A authentication with Supabase features
@app.post("/api/chat")
async def chat_endpoint(context: PhlowContext = Depends(auth_required)):
# Access agent info and Supabase client
agent = context.agent
return {"message": f"Hello from {agent.name}"}
๐ Features
- ๐ JWT Authentication - Verify A2A Protocol JWT tokens
- ๐ Agent Storage - Store and retrieve agent cards in Supabase
- ๐ก๏ธ RLS Helpers - Generate basic Supabase Row Level Security policies
- ๐ Basic Audit - Log authentication events to Supabase
- ๐ Python Package - Pure Python implementation
- ๐ง FastAPI Integration - Complete middleware with dependency injection
How It Works
sequenceDiagram
participant A as Agent A
participant B as Agent B
participant S as Supabase Registry
A->>A: Generate JWT with private key
A->>B: Send request + JWT + Agent ID header
B->>S: Lookup Agent A's public key
S->>B: Return AgentCard with public key
B->>B: Verify JWT signature
B->>A: Return response
๐ฆ What's Included
phlow/
โโโ src/phlow/ # Python authentication library
โโโ tests/ # Test suite
โโโ examples/ # Example implementations
โโโ docs/ # Documentation
โโโ getting-started.md # Quick setup guide
โโโ a2a-compatibility.md # A2A Protocol integration
โโโ api-reference.md # API documentation
๐๏ธ How It Works
Phlow is a lightweight middleware that connects A2A Protocol JWT authentication with Supabase storage:
- JWT Verification - Validates A2A Protocol tokens
- Agent Lookup - Retrieves agent cards from Supabase
- Context Creation - Provides agent info and Supabase client to your app
- Basic Logging - Optionally logs auth events
See Getting Started for setup instructions.
๐ง Setup
- Install:
pip install phlow - Configure: Set up Supabase project and environment variables
- Initialize: Register your agent card in Supabase
- Authenticate: Add Phlow middleware to your A2A agent
Detailed Setup Instructions โ
๐ก Example: A2A Agent with Phlow Auth
# A2A + Phlow Integration
from phlow import PhlowMiddleware, AgentCard, PhlowConfig
config = PhlowConfig(
agent_card=AgentCard(
name="My Agent",
description="A2A-compatible agent",
service_url="https://my-agent.com",
skills=["chat", "analysis"],
metadata={"agent_id": "my-agent-id", "public_key": "public-key-here"}
),
private_key=os.environ["PRIVATE_KEY"],
supabase_url=os.environ["SUPABASE_URL"],
supabase_anon_key=os.environ["SUPABASE_ANON_KEY"]
)
phlow = PhlowMiddleware(config)
# Use with FastAPI
from phlow.integrations.fastapi import create_phlow_dependency
auth_required = create_phlow_dependency(phlow)
@app.post("/api/a2a/message")
async def handle_message(context: PhlowContext = Depends(auth_required)):
# Process A2A message using phlow context
return {"status": "received"}
๐ Documentation
- Getting Started - Quick setup guide
- A2A Compatibility - A2A Protocol integration
- API Reference - Complete API docs
๐ Language Support
| Language | Package | Framework Support |
|---|---|---|
| Python | phlow |
FastAPI |
๐ Roadmap & Vision
Phase 1: Authentication Middleware (Current)
- โ JWT authentication for A2A Protocol
- โ Agent card storage in Supabase
- โ Basic middleware for FastAPI
- ๐ Enhanced security and testing
Phase 2: Agent Discovery & Registry (Next 6 months)
- ๐ฏ Central agent registry with search capabilities
- ๐ฏ Agent capability matching and discovery
- ๐ฏ Enhanced agent profiles and metadata
- ๐ฏ Agent network visualization
Phase 3: Agent Marketplace Platform (6-18 months)
- ๐ฏ Agent monetization and billing
- ๐ฏ Usage analytics and performance metrics
- ๐ฏ Agent rating and reputation systems
- ๐ฏ Developer tools and SDK ecosystem
Our North Star: Create the first true marketplace where AI agents can discover, authenticate, and monetize their capabilities - making agent-to-agent commerce as simple as an API call.
Contributing
Pull requests welcome! We're building towards our marketplace vision:
Current Focus Areas:
- Authentication middleware improvements
- Supabase integration enhancements
- Agent registry and discovery features
- Developer experience improvements
Future Contribution Areas:
- Agent marketplace features
- Monetization and billing systems
- Analytics and metrics
- Community tools and governance
Scope: Please keep contributions focused on authentication, agent registry, discovery, and marketplace features. Communication protocols should be contributed to the A2A Protocol directly.
Quick Start
# Install dependencies
uv sync --dev
# Run all quality checks
uv run task quality
# Run tests
uv run task test
# Run E2E tests (requires Docker)
uv run task test-e2e
Development Commands
uv sync --dev # Install all dependencies
uv run task test # Run all tests with coverage
uv run task test-unit # Run unit tests only
uv run task test-e2e # Run end-to-end tests (Docker required)
uv run task lint # Run linting with auto-fix
uv run task format # Format code
uv run task type-check # Run type checking
uv run task quality # Run all quality checks
uv run task build # Build distribution packages
uv run task clean # Clean build artifacts
Testing
- Unit Tests:
uv run task test-unit- Fast, mocked, runs in CI - E2E Tests:
uv run task test-e2e- Full stack, Docker required
License
MIT License - see LICENSE file for details.
Built with โค๏ธ for the A2A ecosystem
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file phlow-0.1.7.tar.gz.
File metadata
- Download URL: phlow-0.1.7.tar.gz
- Upload date:
- Size: 62.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1df31df03b54085005ec64b0e2eb91c9467f496ddea86ef9c77e3f177d1fee21
|
|
| MD5 |
dc1cd36a41bd630c5183fb7832e9643e
|
|
| BLAKE2b-256 |
3e9e792e1d3aa9d367fef51a1bd06bbc2e099e4af76693dc52d07825c9efbf8b
|
File details
Details for the file phlow-0.1.7-py3-none-any.whl.
File metadata
- Download URL: phlow-0.1.7-py3-none-any.whl
- Upload date:
- Size: 49.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e41739eef8d603eef2afd00569b4977eae510d268ca294b17dd9150b037f4c21
|
|
| MD5 |
f181f84019a2f1ed8f07a5dd1690f914
|
|
| BLAKE2b-256 |
258deead24aacb14a26be8c96cee6a9326a731fbdfb819f66a12303430297b43
|
